<?php
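/**
 * API endpoint: return one user's record as JSON.
 *
 * Access is gated by the 'super_admin' permission check below. The user is
 * selected by the `id` query-string parameter. Every response body is JSON:
 * the user record without its 'password' field on success, or an
 * {"error": ...} object with status 400 (missing or malformed id),
 * 404 (no such user) or 500 (exception while loading the user).
 */

session_start();
require_once '../includes/config.php';
require_once '../includes/database.php';
require_once '../includes/auth.php';
require_once '../includes/user.php';

// Authorization gate: must run before any request data is read or echoed.
// NOTE(review): requirePermission() is defined elsewhere; this script relies on
// it to stop execution for callers without 'super_admin' — confirm it does.
$auth = getAuth();
$auth->requirePermission('super_admin');

// Declare the content type before ANY body is written, so the error responses
// are also served as JSON. Without this they go out with PHP's default content
// type, and a browser may render the JSON error text as HTML.
header('Content-Type: application/json');
header('X-Content-Type-Options: nosniff');

// Read the requested user id from the query string (untrusted input).
$userId = $_GET['id'] ?? '';

// PHP turns `?id[]=...` into an array; reject anything that is not a plain,
// non-empty string before it reaches the data layer. '' and '0' are rejected
// exactly as the loose truthiness check did before.
// NOTE(review): if user ids are always positive integers, tighten this with
// FILTER_VALIDATE_INT. getUserById() is not visible here — confirm it binds
// $userId as a query parameter rather than interpolating it into SQL.
if (!is_string($userId) || $userId === '' || $userId === '0') {
    http_response_code(400);
    echo json_encode(['error' => '用户ID不能为空']);
    exit;
}

try {
    // Set up the database connection and the user manager.
    $database = getDatabaseConnection();
    $userManager = new UserManager($database);

    // Look the user up; a falsy result is treated as "not found".
    $user = $userManager->getUserById($userId);

    if (!$user) {
        http_response_code(404);
        echo json_encode(['error' => '用户不存在']);
        exit;
    }

    // Strip the password field before returning the record.
    // NOTE(review): this is a deny-list of one key. Any other sensitive column
    // returned by getUserById() would still be sent to the client; an explicit
    // allow-list of response fields is safer — verify against the user schema.
    unset($user['password']);
    echo json_encode($user);
} catch (Exception $e) {
    // Keep exception details (which can include SQL text, file paths or
    // connection data) in the server log; the client gets a generic message.
    error_log('user info API failed: ' . $e->getMessage());
    http_response_code(500);
    echo json_encode(['error' => '服务器错误']);
}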
?>
